Skip to content

Python Networking in a Paragraph

The network is and always will be the sexiest arena for a hacker šŸ˜Ž

An attacker can do almost anything with simple network access, such as scan for hosts, inject packets, sniff data, and remotely exploit hosts. But if youā€™ve worked your way into the deepest depths of a target, you may find yourself in a bit of a conundrum: you have no tools to execute network attacks basicaly no netcat, no Wireshark, no compiler, and no means to install one. However, you might be surprised to find that in many cases, youā€™ll have a Python install.

So let's begin by understunding how a network works and how we can perform basic python operations on it šŸ˜ˆ

Computer Networking

A network is nothing more than two or more computers connected by a cable or by a wireless radio connection so that they can exchange information.

You can create a simple computer network by using a device called a switch to connect all the computers in your network to each other. You do that by stringing a network cable from the switch to each computer. The cable plugs into a special jack on the back of each computer; this jack is connected to a network interface, which is an electronic circuit that resides inside your computer to facilitate networking and VoilĆ ! You have a working network.

If you donā€™t want to mess with cables, you can create a wireless network instead like you probably have at home. In a wireless network, the computers use wireless network adapters that communicate via radio signals.

All modern laptop computers have built-in wireless network adapters, as do most desktop computers. (If yours doesnā€™t, you can purchase a separate wireless network adapter that plugs into one of the computerā€™s USB ports.)

Youā€™ll need a device called a wireless access point (WAP) to enable the com- puters to properly connect. In small office or home networks, the WAP is bundled with a device called a router, which lets you connect your network to the Internet. The combination of a WAP and a router is called a wireless router (or wireless firewall router) like the one you have in your home.

In the figure above you can see a typical network with five computers. This network is the Simpson home network used by our beloved family you may or may not have heard of. You can see that each family member has a computer that connects to the network. Two of them wirelessly, three of them through cables. Thereā€™s also a printer that connects wirelessly like you can see in your home.

In this example, the wireless router also has a built-in switch that provides several jacks for connecting computers via cable. Most wireless routers include this feature, typically with three to five wired ethernet network ports.

Although the network is a small one, it has much in common with larger networks that contain dozens, hundreds, or even thousands of connected computers.

Let's explain in details the Simpson familly network here :

  • Lisa has a laptop computer that connects wirelessly. She uses it mostly for school šŸ‘©ā€šŸ’»
  • Bart has a fancy gaming computer thatā€™s cabled directly to the router šŸŽ®
  • Marge doesnā€™t have a full-fledged computer, but she does use an iPad, which is connected wirelessly šŸ“±
  • Homer has an old computer he bought at a garage sale in 1989. He doesnā€™t know how to use it, but he doesnā€™t know that so no one tells him. Lisa set it up for him and repairs it when Homer breaks it (which happens every few months); she gets repair parts from eBay šŸ–„
  • The printer connects wirelessly to the network and is set up so that any member of the family can print on it šŸ–Ø
  • The wireless router connects to the Internet using the familyā€™s cable TV provider. This allows everyone in the family to access the Internet šŸ“ŗ

Why networking

If you are here, you know that computer networks are a pain to set up šŸ˜‚ So, why bother? Because the benefits of having a network outweigh the difficulties of setting one up. Computer Networks are all about sharing. Specifically, networks are about sharing three things: files, resources, and programs.

Accessing the Internet

Probably the main reason most small business and home networks exist is to allow everyone to access the Internet through a single shared Internet connection.

In the figure above, you can see that the wireless router is connected to the Internet. By sharing this connection, all the computers on the network, whether wireless or via cables, can access the Internet through the wireless router like we have seen in the previous section.

Itā€™s important to note that nearly all wireless routers also contain a builtin firewall. This firewall helps protect the computers on the network from the imminent dangers of the Internet. The moment you connect a home or office network to the Internet, cybercriminals will begin trying to break into your network and try to trick you into divulging sensitive information, such as the password to your bank account or other sensitive informations.

šŸš§ Never allow any computer to connect directly to the Internet without a firewall in place. šŸš§

Sharing files

Networks enable you to share information with other computers on the network. Depending on how you set up your network, you can share files with your network friends in several different ways (not only by using google drive or other cloud services).

You can for example send a file from your computer directly to a friendā€™s computer by attaching the file to an email message and then mailing it. Or you can let your friend access your computer over the network so that your friend can retrieve the file directly from your hard drive.

Yet another method is to copy the file to a disk on another computer and then tell your friend where you put the file so that your friend can retrieve it later. One way or the other, the data travels to your friendā€™s computer over the network cable and not on a CD or DVD or flash drive.

Sharing resources

You can set up certain computer resources such as hard drives or printers so that all computers on the network can access them.

For example, the printer our first figure is a shared resource, which means that anyone on the network can use it (Marge or Lisa can use this printer). In the other hand without the network, Marge, Lisa, and Bart would have to buy their own printers.

Hard drives can be considered as shared resources too. In fact, you must set up a hard drive as a shared resource to share files with other users. Suppose that Lisa wants to share a file with the Bart, and a shared folder has been set up on Homerā€™s computer. All Lisa has to do is copy his file to the shared folder in Homerā€™s computer and tell the Bart where she put it. Then, when the Bart gets around to it, he can copy the file from Homerā€™s computer to his own.

Sharing programs

Instead of keeping separate copies of programs on each personā€™s computer, put programs on a drive that everyone shares. For example, if ten computer users all use a particular program, you can purchase and install ten copies of the program, one for each computer. Or you can purchase a ten-user license for the program and then install just one copy of the program on a shared drive. Each of the ten users can then access the program from the shared hard drive.

šŸš§ Remember that purchasing a single-user copy of a program and then putting it on a shared network drive sothat everyone on the network can access it is illegal. If five people use the program, you need to either purchase five copies of the program or purchase a network license that specifically allows five or more users. šŸš§

Another common method for software vendors to license their software is through a monthly or yearly subscription. You just give them your credit card number, and they give you the right to use the software. You need a working Internet connection so that the software can confirm that you have a valid subscription each time you run the software but we will see this later in detail.

Another benefit of networking is that networks enable computer users to commu- nicate with one another over the network. The most obvious way networks allow computer users to communicate is by passing messages back and forth, using email or instant-messaging programs. Networks also offer other ways to com- municate: For example, you can hold online meetings over the network. Network users who have inexpensive video cameras (webcams) attached to their computers can have videoconferences. You can even play a friendly game of Hearts over a network during your lunch break, of course.

Types of networks

In a small network such as the one that we have seen in the previous section, a wireless router combines the function of firewall, router, switch, and WAP.

This arrangement is fine for very small (home) networks, but when you exceed the wired switch capacity of the wireless router, youā€™ll need additional components.

Let's see a network with a separate switch to connect multiple computers.

Here, you can see that the wireless router connects to both the Internet and the switch. Several computers have wired connections to the switch, and wireless devices connect via the WAP thatā€™s built in to the Wi-Fi router. The wireless router also provides the firewall function.

We can also see a more complicated setup, in which the WAP is separated from the router like this :

Here, the router with its built-in firewall connects to the Internet and to the switch. As before, several computers have wired connections to the switch. In addition, the WAP has a wired connection to the switch, allowing wireless devices to connect to the network.

We also have many more complicated arrangements of these basic network components but it's good for the moment.

Some vocabulary

Computer networking has its own strange vocabulary. Although you donā€™t have to know every esoteric networking term, it helps to be acquainted with a few of the basic buzzwords:

  • LAN: Networks are often called LANs, short for local area network. You donā€™t really need to remember it or any of the many TLAs that follow.
  • On the network: Every computer connected to the network is said to be ā€œon the network.ā€ The technical term (which you can forget) for a computer thatā€™s on the network is a node.
  • Online, offline: When a computer is turned on and can access the network, the computer is online. When a computer canā€™t access the network, itā€™s offline. A computer can be offline for several reasons. The computer can be turned off, the user may have disabled the network connection, the computer may be broken, the cable that connects it to the network can be unplugged, or a wad of gum can be jammed into the disk drive.
  • Up, down: When a computer is turned on and working properly, itā€™s up. When a computer is turned off, broken, or being serviced, itā€™s down. Turning off a computer is sometimes called taking it down. Turning it back on is sometimes called bringing it up.
  • Local, remote: A resource such as a disk drive is local if it resides in your computer. Itā€™s remote if it resides in another computer somewhere else on your network.
  • Internet: The Internet is a huge amalgamation of computer networks strewn about the entire planet. Networking the computers in your home or office so that they can share information with one another and connecting your computer to the worldwide Internet are two separate but related tasks but we will see this in details through the next sections of this course.

Network Infrastructure

Understanding the networking infrastructure and the OSI model is crucial for anyone involved in developing network applications or working in a networked environment. With this knowledge you will be able to understand how different networking protocols operate and interact with each others šŸ¤“

Let's begin with the Open Systems Interconnection (OSI) model. The OSI model is a conceptual model from the International Organization for Standardization (ISO) that "provides a common basis for the coordination of standards development for the purpose of systems interconnection". In the OSI reference model, the communications between systems are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. More details about each layers on Wikipedia

In this course we will be focusing mainly on the layers 4,5,6 and 7. Now let's see how a computer network is structured, his form (or topology) and it's main components like cables, port, packets, interfaces...

Network Topology

Network topology is the structure or the architecture of how computers and other network components are interlinked with each other. There are several distinct types of network topologies (or graphs), each carrying its own set of pros and cons depending on the requirements of the network.

In order to understand better the following section it is important to know about Nodes and Packets.

  • A node refers to any device connected to the network, which could be a computer, printer, or any other network-enabled device. In the context of network topology, nodes are the fundamental elements that are interconnected, and understanding how they are linked is crucial for analyzing the network's functionality and performance.
  • A packet is a chunk of data sent across the network from one node to another. It encapsulates not only the actual data but also metadata such as the source and destination addresses, which helps in routing the packet through the network correctly. In a broader sense, packets are the basic units of communication over networks, and understanding packet flow is essential for comprehending how data moves within and across networks.

Now, let's see some common types of network topologies šŸ˜Ž

Bus topology

The first type of network topology is called a bus, in which nodes are strung together in a line like below :

  • Advantages: Easy to set up, low cost.
  • Disadvantages: A fault in the cable can bring down the entire network, not suitable for a large network and high security like cars.

I recommend you this incredible video (in french) about how hackers leverage this type of network topology in order to hack modern cars and build a swiss knife of cars hacking for only 5k$ on the darkweb šŸ˜‚ here

Star topology

In this architecture all devices are connected to a central hub or switch like the image below.

  • Advantages: Easy to add or remove devices, a fault in one cable doesn't affect other devices.
  • Disadvantages: If the central hub fails, the entire network goes down.

Ring Topology

Each device is connected to two other devices, forming a ring.

  • Advantages: Data can be transferred quickly as each device has a dedicated point-to-point link.
  • Disadvantages: A fault in one connection can affect the entire network, difficult to troubleshoot.

Mesh topology

All devices are interconnected, every device connects to every other.

  • Advantages: Provides multiple paths for data transmission, highly reliable.
  • Disadvantages: Complex and expensive to set up šŸ˜¢

Cables

Networking cables are crucial for establishing physical connections between different devices (nodes) within a network like we have seen on the layer 1 of the OSI model above šŸ”Œ

The Physical Layer of the OSI Model deals with the physical medium and connections that facilitate data bit transmission across the network. It encompasses everything from cables, switches, and routers to the actual electrical or optical signals transmitted.

They come in various types, such as :

  • Ethernet Cables: Commonly used for wired networks, with different categories (e.g., Cat5e, Cat6) offering varying levels of performance.
  • Fiber Optic Cables: Known for high-speed data transmission and resistance to electromagnetic interference.
  • Coaxial Cables: Used in older Ethernet networks or for connecting to Internet Service Providers.
  • Repeaters: A simple network device used to regenerate or amplify signals in a network, extending the reach of the network beyond its original limit.
  • Hubs : A hub is a basic network device that connects multiple computers in a network in a star topology. It receives a signal from one port and sends it out to all other ports, effectively broadcasting the data to all devices in the network.
  • Switches: A switch is a more advanced network device compared to a hub. It filters and forwards data packets to specific devices on the network rather than broadcasting to all devices. It does this by maintaining a MAC address table (we will see this in detail below), learning and understanding where each device is located on the network. Btw, switches are considered as Data Link Layer (Layer 2).

More details about the mains computer networking cables on Wikipedia here

So, in summary for us developers having a basic understanding of OSI Model Layer 1 and the types and roles of networking cables is always good for effectively working in networked environments, developing network applications, optimizing network performance, or troubleshooting network issues šŸ¤“

Knowledge of different cable types and their capabilities can aid in optimizing network performance, reducing latency, and ensuring reliable connectivity is a very good skill to have!

Interfaces and MAC Addresses

Network Interface

A network interface is the electronic circuitry that allows a device to connect to a network. It facilitates the communication between the device and the network by managing the sending and receiving of data packets.

In essence, a network interface serves as the device's gateway to the network, enabling it to interact with other devices on the network or access network services.

The term network interface can refer to hardware and software components:

  • Hardware: Physical ports or wireless adapters on a device that connect to the network.
  • Software: The software configuration or drivers that manage the hardware and facilitate communication with the network.
Network Interface Card (NIC)

A Network Interface Card (NIC) is a hardware component that is installed in a computer or integrated into the motherboard. It provides the physical means to connect to a network. More details about NIC on Wikipedia

MAC address

Every network interface comes with a distinct identifier known as a MAC address, standing for Media Access Control. This unique identifier is exclusive worldwide for each network interface. MAC addresses play a vital role as they help in tracking the devices constituting a network. They are indispensable for identifying the devices on a network and for directing information to a specific device or recognizing the origin of the information.

The term "physical address" is often used interchangeably with MAC address. MAC addresses are a part of the OSI Reference Model's Layer 2, also known as the link layer. This layer oversees the basic information exchange on a network, and the unique identification of every device on a network through MAC addresses is a crucial element for this exchange.

MAC addresses comprise 48 bits, allowing for over 280 trillion unique addresses, which means a vast number of devices can have unique MAC addresses before the identifiers get exhausted. When expressed, MAC addresses are represented in six octets separated by hyphens. An octet consists of eight binary bits, and it's represented as a two-digit number in hexadecimal notation, utilizing letters A to F along with digits 0 to 9 to denote the value of each octet.A typical MAC address looks like this:

48-2C-6F-1E-59-3D

To view the MAC address of your Windows computer's network adapter, you can open a command prompt and input the command ipconfig. By scrolling through the output of this command, you can find the MAC address (referred to as a physical address in ipconfig) for each network interface on your computer. For instance, the ipconfig output for a built-in adapter on a specific device can be viewed this way. For Mac OS users like me you can copy paste this command to print your device MAC address : 

ifconfig en0 | grep ether
  • en0 typically refers to the primary network interface (usually the Ethernet interface or Wi-Fi depending on the system).
  • grep ether filters the output to display only the line containing the MAC address The output will display the MAC address of your primary network interface in the format ether xx:xx:xx:xx:xx:xx

Network Packets

When multiple devices are linked to a network through cables connected to their network interfaces, they have the capability to share information amongst themselves. This communication is enabled by the use of packets, which are modest-sized units of data transmitted and received via the network interfaces and cables.

A packet contains keys informations like : a source, a destination, some data, a size, and other useful informations that helps the packet reach the appropriate target location and get reassembled properly.

A packet can be seen like an envelope being sent through traditional mail delivery. It encapsulates the MAC addresses of both the sender and the recipient, along with some intriguing header details, and a payload which holds the actual data conveyed by the packet. The payload can be related to the content you'd place inside an envelope intended for mailing. Just as you'd ensure to write the recipient's and your address on the envelope before mailing it, similarly, packets carry address information.

Ethernet packets

An Ethernet packet is a specific type of network packet used in Ethernet networks, which are a common type of local area network (LAN). An Ethernet (or frame) packet contains the following information:

  • Structure:
    • Preamble: A sequence of bits that help network devices synchronize their communication.
    • Header: Contains source and destination MAC addresses and other information to help route the packet.
    • Payload: The actual data being transmitted.
    • Trailer: Contains error-checking information to ensure data integrity.
  • Purpose: Facilitates communication within a local network, ensuring that data reaches from one device to another accurately and efficiently.
  • Protocol-Specific: Tailored for Ethernet protocol standards, ensuring smooth operation within Ethernet-based networks.

More details about Ethernet packets on Wikipedia

If you want to know more about network packets I recommend you this incredible detailed article about packets on NetworkEncyclopedia here More details about the structure of an IPv4 packet on this amazing article here

Ports

In computer networking, a port is like a virtual docking point or a mailbox on your computer where network messages are delivered. Each port has a unique number, known as the port number, that identifies it.

Imagine your computer as a big apartment building, and the ports as individual apartment units. When a delivery person (the network) brings a message (data), the port number tells them which apartment (port) to deliver the message to. Each apartment (port) has a resident (a program or service) that receives and handles these messages.

Certain ports are typically associated with specific applications or communication protocols: - 80/443 - HTTP/HTTPS - 20 - FTP - 22 - SSH - 23 - Telnet - 25 - SMTP - ...

Such ports are commonly known as well-known ports. For a more comprehensive list, you can check it on Wikipedia.

Every computer has a limited number of ports, totaling 65535. These ports are categorized into distinct groups.

  • Ports ranging from 0 - 1023 are designated as reserved. To utilize a port within this range, a process must have administrative rights.
  • Ports within the range of 1024 - 65535 are available, meaning any process can occupy one of these ports during its operation.
  • Ports numbered 1024 - 49151 can be registered, which means they can be linked to specific applications or processes. For instance, the PostgreSQL database system usually runs on port 5432. However, these associations are flexible. You have the liberty to initiate and utilize any port within this span.
  • Ports in the range of 49152 - 65535 are termed as ephemeral. Generally, these ports are under the management of your operating system, and it's not advisable to use them for personal processes. If you notice when you call a python or a node script and you listen your localhost network ports you may have seen this ports for your running apps šŸ¤“

In today's interconnected tech environement it is crutial to understand port managment operations for efficient troubleshooting, effective resource utilization and security but do not worry we will see this in detail later !